import org.junit.Test;
import org.sonar.api.web.UserRole;
+import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ComponentTesting;
import org.sonar.db.organization.OrganizationDto;
public void add_permission_to_group_referenced_by_its_name() throws Exception {
GroupDto group = db.users().insertGroup(defaultOrganizationProvider.getDto(), "sonar-administrators");
- loginAsAdmin();
+ loginAsAdminOnDefaultOrganization();
newRequest()
.setParam(PARAM_GROUP_NAME, "sonar-administrators")
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
public void reference_group_by_its_name_in_organization() throws Exception {
OrganizationDto org = OrganizationTesting.insert(db, newOrganizationDto());
GroupDto group = db.users().insertGroup(org, "the-group");
+ loginAsAdmin(org);
- loginAsOrganizationAdmin(org);
newRequest()
.setParam(PARAM_ORGANIZATION_KEY, org.getKey())
.setParam(PARAM_GROUP_NAME, group.getName())
public void add_permission_to_group_referenced_by_its_id() throws Exception {
GroupDto group = db.users().insertGroup(defaultOrganizationProvider.getDto(), "sonar-administrators");
- loginAsAdmin();
+ loginAsAdminOnDefaultOrganization();
newRequest()
.setParam(PARAM_GROUP_ID, group.getId().toString())
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
GroupDto group = db.users().insertGroup(defaultOrganizationProvider.getDto(), "sonar-administrators");
ComponentDto project = db.components().insertComponent(newProjectDto(A_PROJECT_UUID).setKey(A_PROJECT_KEY));
- loginAsAdmin();
+ loginAsAdminOnDefaultOrganization();
newRequest()
.setParam(PARAM_GROUP_NAME, group.getName())
.setParam(PARAM_PROJECT_ID, A_PROJECT_UUID)
GroupDto group = db.users().insertGroup(defaultOrganizationProvider.getDto(), "sonar-administrators");
ComponentDto project = db.components().insertComponent(newProjectDto(A_PROJECT_UUID).setKey(A_PROJECT_KEY));
- loginAsAdmin();
+ loginAsAdminOnDefaultOrganization();
newRequest()
.setParam(PARAM_GROUP_NAME, group.getName())
.setParam(PARAM_PROJECT_KEY, A_PROJECT_KEY)
GroupDto group = db.users().insertGroup(defaultOrganizationProvider.getDto(), "sonar-administrators");
ComponentDto view = db.components().insertComponent(newView("view-uuid").setKey("view-key"));
- loginAsAdmin();
+ loginAsAdminOnDefaultOrganization();
newRequest()
.setParam(PARAM_GROUP_NAME, group.getName())
.setParam(PARAM_PROJECT_ID, view.uuid())
@Test
public void fail_if_project_uuid_is_not_found() throws Exception {
GroupDto group = db.users().insertGroup(defaultOrganizationProvider.getDto(), "sonar-administrators");
- loginAsAdmin();
+ loginAsAdminOnDefaultOrganization();
expectedException.expect(NotFoundException.class);
newRequest()
@Test
public void adding_a_project_permission_fails_if_project_is_not_set() throws Exception {
GroupDto group = db.users().insertGroup(defaultOrganizationProvider.getDto(), "sonar-administrators");
- loginAsAdmin();
+ loginAsAdminOnDefaultOrganization();
expectedException.expect(BadRequestException.class);
GroupDto group = db.users().insertGroup(defaultOrganizationProvider.getDto(), "sonar-administrators");
ComponentDto project = db.components().insertComponent(newProjectDto(A_PROJECT_UUID).setKey(A_PROJECT_KEY));
ComponentDto file = db.components().insertComponent(ComponentTesting.newFileDto(project, null, "file-uuid"));
- loginAsAdmin();
+ loginAsAdminOnDefaultOrganization();
expectedException.expect(BadRequestException.class);
@Test
public void fail_when_get_request() throws Exception {
- loginAsAdmin();
+ loginAsAdminOnDefaultOrganization();
expectedException.expect(ServerException.class);
@Test
public void fail_when_group_name_and_group_id_are_missing() throws Exception {
- loginAsAdmin();
+ loginAsAdminOnDefaultOrganization();
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("Group name or group id must be provided");
}
@Test
- public void fail_when_permission_is_missing() throws Exception {
- GroupDto group = db.users().insertGroup(defaultOrganizationProvider.getDto(), "sonar-administrators");
- loginAsAdmin();
+ public void fail_if_not_administrator_of_organization() throws Exception {
+ GroupDto group = db.users().insertGroup();
+ loginAsAdminOnDefaultOrganization();
expectedException.expect(IllegalArgumentException.class);
.execute();
}
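Review bot: The renamed test `fail_if_not_administrator_of_organization` still calls `loginAsAdminOnDefaultOrganization()` and still expects `IllegalArgumentException`, so as shown it exercises an administrator hitting a parameter-validation error, not an authorization refusal. The request-building lines between the `expect` and `.execute()` are not visible here, so the page may have merged two tests; the points below apply only if it has not. In that case the test should log in without `SYSTEM_ADMIN` on the group's organization, e.g. `userSession.login();`, and assert `expectedException.expect(ForbiddenException.class);`. The missing-permission case covered under the old name `fail_when_permission_is_missing` should remain as its own test, so that validation and access control are each pinned separately.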
+ @Test
+ public void fail_if_administrator_of_other_organization_only() throws Exception {
+ OrganizationDto org1 = OrganizationTesting.insert(db, newOrganizationDto());
+ OrganizationDto org2 = OrganizationTesting.insert(db, newOrganizationDto());
+ GroupDto group = db.users().insertGroup(org1, "the-group");
+ loginAsAdmin(org2);
+
+ expectedException.expect(ForbiddenException.class);
+
+ newRequest()
+ .setParam(PARAM_GROUP_ID, group.getId().toString())
+ .setParam(PARAM_PERMISSION, PROVISIONING)
+ .execute();
+ }
+
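Review bot: `fail_if_administrator_of_other_organization_only` checks the cross-organization refusal only when the group is referenced by `PARAM_GROUP_ID`. The by-name path takes the organization from a separate parameter, so it presumably resolves the target organization differently and deserves its own negative test. That sibling test would log in with `loginAsAdmin(org2)` and send `.setParam(PARAM_ORGANIZATION_KEY, org1.getKey())` with `.setParam(PARAM_GROUP_NAME, group.getName())`, expecting `ForbiddenException` again. Neither test can confirm that nothing was persisted, because the `expectedException` rule ends the test at the throwing call; a follow-up assertion on the group's stored permissions would need a try/catch form instead.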
@Test
public void fail_when_project_uuid_and_project_key_are_provided() throws Exception {
- db.users().insertGroup(defaultOrganizationProvider.getDto(), "sonar-administrators");
- db.components().insertComponent(newProjectDto(A_PROJECT_UUID).setKey(A_PROJECT_KEY));
- loginAsAdmin();
+ GroupDto group = db.users().insertGroup();
+ ComponentDto project = db.components().insertComponent(newProjectDto());
+ loginAsAdminOnDefaultOrganization();
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("Project id or project key can be provided, not both.");
newRequest()
- .setParam(PARAM_GROUP_NAME, "sonar-administrators")
+ .setParam(PARAM_GROUP_NAME, group.getName())
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN)
- .setParam(PARAM_PROJECT_ID, "project-uuid")
- .setParam(PARAM_PROJECT_KEY, A_PROJECT_KEY)
+ .setParam(PARAM_PROJECT_ID, project.uuid())
+ .setParam(PARAM_PROJECT_KEY, project.key())
.execute();
}
return wsTester.newPostRequest(CONTROLLER, ACTION);
}
- private void loginAsAdmin() {
- loginAsOrganizationAdmin(db.getDefaultOrganization());
+ private void loginAsAdminOnDefaultOrganization() {
+ loginAsAdmin(db.getDefaultOrganization());
}
- private void loginAsOrganizationAdmin(OrganizationDto org) {
- userSession.login().addOrganizationPermission(org.getUuid(), SYSTEM_ADMIN);
+ private void loginAsAdmin(OrganizationDto org) {
+ userSession.login().addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
}
}
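Review bot: `loginAsAdmin(OrganizationDto org)` now carries the name the no-argument default-organization helper used to have, so a reader of the negative tests can easily misjudge its scope. A short comment on it would help, for example `// Logs in a user granted SYSTEM_ADMIN on the given organization only (see addOrganizationPermission below).` The helper also writes `GlobalPermissions.SYSTEM_ADMIN` while the requests in this file use the unqualified `SYSTEM_ADMIN`. If both resolve to the same constant, use one form throughout so it is obvious that the granted permission and the requested one are the same value.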